Tatsuya Kinoshita

**Name of the Vulnerable Software and Affected Versions** w3m versions prior to 0.5.3 **Description** The issue arises from improper handling of temporary files when the ~/.w3m directory is unwritable. This allows a local attacker to potentially craft a symlink attack, enabling them to overwrite arbitrary files. **Recommendations** For versions prior to 0.5.3, update to version 0.5.3 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: FDclone versions 2.00a through 2.01 Description: The issue allows local users to read or modify files of other FDclone users by creating a temporary directory with a predictable name ahead of time. This is possible because FDclone creates temporary directories with predictable names and uses them if they already exist. Recommendations: For FDclone versions 2.00a through 2.01, consider updating to version 2.02a or later to resolve the issue. As a temporary workaround, restrict access to the temporary directories used by FDclone to minimize the risk of exploitation.